diff --git a/spec/classes/rabbitmq_spec.rb b/spec/classes/rabbitmq_spec.rb index 56f632e38..4a547780a 100644 --- a/spec/classes/rabbitmq_spec.rb +++ b/spec/classes/rabbitmq_spec.rb @@ -483,7 +483,10 @@ %r{ssl_listeners, \[3141\]} ) should contain_file('rabbitmq.config').with_content( - %r{ssl_options, \[\{cacertfile,"/path/to/cacert"} + %r{ssl_options, \[} + ) + should contain_file('rabbitmq.config').with_content( + %r{cacertfile,"/path/to/cacert"} ) should contain_file('rabbitmq.config').with_content( %r{certfile,"/path/to/cert"} @@ -507,7 +510,7 @@ it 'should set ssl options to specified values' do should contain_file('rabbitmq.config').with_content(%r{ssl_listeners, \[\{"0.0.0.0", 3141\}\]}) - should contain_file('rabbitmq.config').with_content(%r{ssl_options, \[\{cacertfile,"/path/to/cacert"}) + should contain_file('rabbitmq.config').with_content(%r{cacertfile,"/path/to/cacert"}) should contain_file('rabbitmq.config').with_content(%r{certfile,"/path/to/cert"}) should contain_file('rabbitmq.config').with_content(%r{keyfile,"/path/to/key}) end @@ -528,7 +531,8 @@ it 'should set ssl options to specified values' do should contain_file('rabbitmq.config').with_content(%r{tcp_listeners, \[\]}) should contain_file('rabbitmq.config').with_content(%r{ssl_listeners, \[3141\]}) - should contain_file('rabbitmq.config').with_content(%r{ssl_options, \[\{cacertfile,"/path/to/cacert"}) + should contain_file('rabbitmq.config').with_content(%r{ssl_options, \[}) + should contain_file('rabbitmq.config').with_content(%r{cacertfile,"/path/to/cacert"}) should contain_file('rabbitmq.config').with_content(%r{certfile,"/path/to/cert"}) should contain_file('rabbitmq.config').with_content(%r{keyfile,"/path/to/key}) end @@ -548,7 +552,7 @@ it 'should set ssl options to specified values' do should contain_file('rabbitmq.config').with_content(%r{tcp_listeners, \[\]}) should contain_file('rabbitmq.config').with_content(%r{ssl_listeners, \[\{"0.0.0.0", 3141\}\]}) - should contain_file('rabbitmq.config').with_content(%r{ssl_options, \[\{cacertfile,"/path/to/cacert"}) + should contain_file('rabbitmq.config').with_content(%r{cacertfile,"/path/to/cacert"}) should contain_file('rabbitmq.config').with_content(%r{certfile,"/path/to/cert"}) should contain_file('rabbitmq.config').with_content(%r{keyfile,"/path/to/key}) end @@ -566,7 +570,8 @@ it 'should set ssl options to specified values' do should contain_file('rabbitmq.config').with_content(%r{ssl_listeners, \[3141\]}) - should contain_file('rabbitmq.config').with_content(%r{ssl_options, \[\{cacertfile,"/path/to/cacert"}) + should contain_file('rabbitmq.config').with_content(%r{ssl_options, \[}) + should contain_file('rabbitmq.config').with_content(%r{cacertfile,"/path/to/cacert"}) should contain_file('rabbitmq.config').with_content(%r{certfile,"/path/to/cert"}) should contain_file('rabbitmq.config').with_content(%r{keyfile,"/path/to/key}) should contain_file('rabbitmq.config').with_content(%r{ssl, \[\{versions, \['tlsv1.1', 'tlsv1.2'\]\}\]}) diff --git a/templates/rabbitmq.config.erb b/templates/rabbitmq.config.erb index 5681ec638..c81096552 100644 --- a/templates/rabbitmq.config.erb +++ b/templates/rabbitmq.config.erb @@ -26,14 +26,18 @@ <%- else -%> {ssl_listeners, [<%= @ssl_port %>]}, <%- end -%> - {ssl_options, [<%- if @ssl_cacert != 'UNSET' -%>{cacertfile,"<%= @ssl_cacert %>"},<%- end -%> - {certfile,"<%= @ssl_cert %>"}, - {keyfile,"<%= @ssl_key %>"}, - {verify,<%= @ssl_verify %>}, - {fail_if_no_peer_cert,<%= @ssl_fail_if_no_peer_cert %>} - <%- if @ssl_versions -%> - ,{versions, [<%= @ssl_versions.sort.map { |v| "'#{v}'" }.join(', ') %>]} - <% end -%>]}, + {ssl_options, [ + <%- if @ssl_cacert != 'UNSET' -%> + {cacertfile,"<%= @ssl_cacert %>"}, + <%- end -%> + {certfile,"<%= @ssl_cert %>"}, + {keyfile,"<%= @ssl_key %>"}, + {verify,<%= @ssl_verify %>}, + {fail_if_no_peer_cert,<%= @ssl_fail_if_no_peer_cert %>} + <%- if @ssl_versions -%> + ,{versions, [<%= @ssl_versions.sort.map { |v| "'#{v}'" }.join(', ') %>]} + <%- end -%> + ]}, <%- end -%> <% if @config_variables -%> <%- @config_variables.keys.sort.each do |key| -%>